UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

NR/L1/INF/02232

Information Security Policy - This standard should only be used for reference to ensure 'The Control of Risk' until the compliance date of its replacement standard is reached, upon which this standard will be withdrawn. The development of all new processes and procedures should be to the replacement standard

active, Most Current
Buy Now
Organization: NR
Publication Date: 5 March 2016
Status: active
Page Count: 12
scope:

This policy applies to all Users who have access to Network Rail information and information systems.

This policy describes the framework for governance management and of security requirements for information and information systems.

It applies to Network Rail information that is accessed, processed, used or handled in both electronic and non-electronic format.

NOTE: Failure to comply with this policy might constitute a breach of terms and conditions of employment or contract and can lead to legal or disciplinary action including dismissal or termination of contract. In instances where disciplinary action is required this will be in accordance with the Network Rail Fair Culture process.

Purpose

The purpose of this policy is to set Network Rail's priorities for Information Security.

Information Security supports Network Rail business objectives by protecting the information it requires to achieve these.

Through consistent identification, understanding and assessment of information security risks Network Rail is able to apply appropriate controls in order to manage information security risks at the appropriate level for the company.

Document History

NR/L1/INF/02232
March 5, 2016
Information Security Policy - This standard should only be used for reference to ensure 'The Control of Risk' until the compliance date of its replacement standard is reached, upon which this standard will be withdrawn. The development of all new processes and procedures should be to the replacement standard
This policy applies to all Users who have access to Network Rail information and information systems. This policy describes the framework for governance management and of security requirements for...
NR/L1/INF/02232 ISSUE 1
December 5, 2009
Information Security Policy
This standard applies to all Network Rail employees and all Users of Network Rail's Information and Information Systems. This standard and the Information Security Policy Documents supporting it...

References

This document references:
NR/L2/INF/02223 - Information Classifications - Security
Published by NR on June 2, 2018
This standard applies to all people that are responsible for creating, processing, handling, storing and destroying data and information for and on behalf of Network Rail. Purpose This standard...
This document references:
NR/L3/INF/02226 - Corporate Records Retention Schedule
Published by NR on December 2, 2017
This business process and associated schedule specifies authorised retention periods for Network Rail’s corporate records. It covers: a) all records created, received and managed by Network Rail; and...
This document is referenced by:
NR/L2/TEL/30182 - Secure Configuration and Management of Network Rail Telecom Internet Protocol (IP) Networks, Systems and Devices
Published by NR on March 2, 2019
This standard specifies the minimum-security requirements for configuring, managing and monitoring the Network Rail telecommunication IP network, network devices and connected systems. This standard...
This document is referenced by:
NR/L2/TEL/30184 - Specification for Network Rail Telecoms Systems Architecture, Technical Design and Test Assurance
Published by NR on June 3, 2017
This Network Rail Telecom standard applies to NRT systems architecture, including strategy and roadmap, architects, technical design and test assurance activities needed to scope systems projects and...
This document is referenced by:
ACC/CAT/CO/001 ISSUE 130 - Catalogue of Network Rail Standards (aka NR/CAT/STP/001)
December 2, 2023
A description is not available for this item.
This document is referenced by:
ACC/CNG/CO/001 ISSUE 130 - Changes from Last Issue (aka NR/IHS/CHANGES)
January 9, 2024
Lists all the new documents published in the last quarter
This document is referenced by:
NR/L2/INF/02242 - Information Security Manual
Published by NR on December 3, 2016
This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support...
This document is referenced by:
ACC/CNG/CO/001 ISSUE 130 - Changes from Last Issue (aka NR/IHS/CHANGES)
January 9, 2024
Lists all the new documents published in the last quarter
View Less
View All
Advertisement